645 results about "Expiration Time" patented technology

A system and method for protecting confidential user information employed in an electronic transaction. The system and method provide for associating an expiration time/time period, use or other use-limiting authorization indicator with a credit card or other user information to be transferred to a user information recipient, in conjunction with a product/service payment or other business transaction with a hosted contact center. Embodiments of the invention further provide for forming a limited-use indicator, such as a use-limiting token, by associating a transaction agent indicator and a use-limiting indicator with the user information, and for verifying a limited use indicator received from a contact center agent and determining according to such indicator, in addition to any ordinary verification that might also be conducted, whether the use limitation has been met and whether the transaction should be authorized in accordance with the use limitation.

A secure streaming content delivery system provides a plurality of content servers connected to a network that host customer content that can be cached and/or stored, e.g., images, video, text, and/or software. The content servers respond to requests for customer content from users. The invention load balances user requests for cached customer content to the appropriate content server. A user makes a request to a customer's server/authorization server for delivery of the customer's content. The authorization server checks if the user is authorized to view the requested content. If the user is authorized, then the authorization server generates a hash value using the authorization server's secret key, the current time, a time-to-live value, and any other information that the customer has configured, and embeds it into the URL which is passed to the user. A content server receives a URL request from the user for customer content cached on the content server. The request is verified by the content server creating its own hash value using the customer server's secret key, the current time, a time-to-live value, and any other related information configured for the customer. If the hash value from the URL matches the content server's generated hash value, then the user's request is valid and within the expiration time period and the content server delivers the requested content to the user.

A fast authentication and access control method of authenticating a network access device to a communications network having an access point communicating with a remote authentication (home AAA) server for the network access device. The method includes the step of receiving an access request having an authentication credential from the network access device at the access point. The authentication credential includes a security certificate having a public key for the network access device and an expiration time. The security certificate is signed with a private key for the remote authentication server. The access point locally validates the authentication credential by accessing the public key of the remote authentication server from a local database, and checking the signature and expiration time of the security certificate. If the authentication credential is validated at the access point, the access point grants the network access device conditional access to the network by sending an access granted message to the network access device. The access granted message includes a session key encrypted with a public key for the network access device. The session key is stored in a database associated with the access point. The access point contacts the remote authentication server to check a revocation status of the security certificate for the network access device. If the access point receives a message from the remote authentication server that the authentication credential for the network access device has been revoked, it suspends network access for the network access device.

The present invention is directed towards a method and system for providing granular timed invalidation of dynamically generated objects stored in a cache. The techniques of the present invention incorporates the ability to configure the expiration time of objects stored by the cache to fine granular time intervals, such as the granularity of time intervals provided by a packet processing timer of a packet processing engine. As such, the present invention can cache objects with expiry times down to very small intervals of time. This characteristic is referred to as “invalidation granularity.” By providing this fine granularity in expiry time, the cache of the present invention can cache and serve objects that frequently change, sometimes even many times within a second. One technique is to leverage the packet processing timers used by the device of the present invention that are able operate at time increments on the order of milliseconds to permit invalidation or expiry granularity down to 10 ms or less.

Clients that are connected on a private network and which are assigned a private IP address that is not routable on the Internet can connect to the Internet through a router/server that includes a network address translator (NAT). For outgoing packets, the NAT translates the client's private source IP address and generalized port number (GPN) to the NAT's global IP address and GPN. For incoming packets sent to the NAT's global IP address and GPN, the NAT translates the global destination IP address and GPN to the client's private IP address and GPN. For protocols which cannot be directly supported by the NAT, such as those in the IPSec security protocol suite, the NAT is extended by creating in the NAT's translation table an entry that associates, for a specific unsupported protocol, a client's private IP address and GPN, the NAT's global IP address and GPN, and a foreign address on the Internet, that is valid until a specified or default expiration time. Outgoing packets from the client to that foreign address and incoming packets from that foreign address to the NAT's global IP address and GPN are translated according to the entry until the entry expires. In associations with these translations to outgoing and incoming packets, the client implements any Application Layer Gateway (ALG) that would otherwise be implemented at the NAT. Further, at the client, outgoing packets are modified before being transmitted so as to pre-compensate for the effects of the translations. Incoming packets at the client from the NAT are similarly modified so as to post-compensate for the effects of the translations. For the IPSec protocol, these modification include adjusting the checksum in the TCP or UDP header to account for IP address and TCP or UDP port number translations.

Guaranteed, exactly once delivery of messages is disclosed. In one embodiment, there is a sender and a receiver. In a sender transaction, the sender does the following: receives a message from a sender queue; generates a substantially unique identifier and an expiration time for the message; and, saves the identifier, the expiration time, and the message in a sender database. The sender then sends the identifier, the expiration time, and the message to the receiver. In a receiver transaction, the receiver then does the following: receives the identifier, the expiration time, and the message from a receiver queue; determines whether the message has expired based on the expiration time and determines whether the message is present in a receiver database by its identifier; and, upon determining that the message has not expired and is not present in the receiver database, stores the message in the receiver database, and performs actions associated with the message.

Option contracts are traded by valuing an option that has at least one of a) strike price or b) expiration time unknown at the time the option is valued. The previously unknown values of the option are assigned at the time or after the time the trade is completed. An implied underlying price stream is generated from the option prices through the use of feedback between market participants and the marketplace. The resulting system is useful in trading option contracts of short time duration.

Fast call set-up for a call to a multi-mode communication unit (102) is facilitated by a method and apparatus for registering and re-registering priorities with a SIP registrar (111). A list of contacts with first priorities associated with a mode of operation in a first enterprise network (106) is established and used. A switch to second priorities is made when a probability of a switch from the first mode of operation to a second mode of operation in a second cellular network (108) satisfies a threshold. The list of contacts includes a contact having an expiration time for the first mode of operation. A quality factor is determined and the list of contacts is re-registered and the expiration time changed if the quality factor does not satisfy a threshold.

A system and method for assigning certificates and reducing the size of the certificate revocation lists in a PKI based architecture for a vehicle wireless communications system that includes separating a country, or other area, into geographic regions and assigning region-specific certificates to the vehicles. Therefore, a vehicle need only process certificates and certificate revocation lists for the particular region that it is traveling in. Vehicles can be assigned multiple certificates corresponding to more than one region in the vehicles vicinity as advance preparation for possible travel or transmission into nearby regions. Further, the expiration time of certificates assigned to vehicles corresponding to a given geographic region can be tailored to be inversely proportional to the distance from a registered home region of the vehicle. A scalable design for a back-end certifying authority with region-based certificates can also be provided.

A method, system and computer accessible medium for expiring access tokens in preparation for freezing file images. A metadata server may maintain a next scheduled quiesce time and may issue access tokens configured to expire before the next scheduled quiesce time. A metadata server may set an access token's expiration time to a maximum expiration time indicated by the next scheduled quiesce time or may set an access token's expiration time to a default expiration time if the default expiration time is earlier than the maximum expiration time. A storage device may recognize and enforce the access token's expiration time.

A method and apparatus for conditioning the access of a user of a remotely-accessible device, which tracks and monitors objects, by using a preprogrammed expiration time and date and comparing that to a reliable time and date source, such as a time and date received from a global positioning system receiver, and disabling the processing of signals of the remotely-accessible device if the time and date comparison reveals that the license, service, lease, rental or commodity agreement has expired.

A system for tracking a number of items borrowed or rented by customers includes a chute reading identification data from each item as the item is returned through the chute by the customer. Data records associated with the returned items are updated to indicate the items are available, even before the items can be restocked. The time at which an item is returned may be compared with a time at which it is due, with an additional fee being added to an account of a customer borrowing or renting an item that is returned late.

A system for controlling memory for storage of content includes a network entitiy, such as a terminal or a content source. The network entity includes a download manager capable of receiving a selection of at least one piece of content. The download manager is also capable of reserving at least a portion of a storage capacity of memory of a terminal for at least one of the selected piece(s) of content such that the terminal can thereafter receive and store the selected piece(s) of content into the reserved storage capacity. To facilitate reserving storage capacity, the selected piece(s) of content and/or content stored in memory of the terminal includes a set of one or more parameters, such as an expiration time, a deletion priority value and/or a download priority value.

A fast authentication and access control method of authenticating a network access device to a communications network having an access point communicating with a remote authentication (home AAA) server for the network access device. The method includes the step of receiving an access request having an authentication credential from the network access device at the access point. The authentication credential includes a security certificate having a public key for the network access device and an expiration time. The security certificate is signed with a private key for the remote authentication server. The access point locally validates the authentication credential by accessing the public key of the remote authentication server from a local database, and checking the signature and expiration time of the security certificate. If the authentication credential is validated at the access point, the access point grants the network access device conditional access to the network by sending an access granted message to the network access device. The access granted message includes a session key encrypted with a public key for the network access device. The session key is stored in a database associated with the access point. The access point contacts the remote authentication server to check a revocation status of the security certificate for the network access device. If the access point receives a message from the remote authentication server that the authentication credential for the network access device has been revoked, it suspends network access for the network access device.

A version number is associated with an encrypted key executable to allow real time updating of keys for a system which facilitates users signing on to multiple websites on different domains using an encrypted ticket. Two keys may be used at each site during updating of keys, each having an associated one digit Hex version tag. When a key is to be updated with a new key, the existing or old key is provided an expiration time. A second key is provided from the system in a secure manner with a new version number and made the current key which provides decryption of the encrypted ticket. The system tracks both keys while they are concurrent. After the existing key expires, only the second, or updated key is used to provide login services for users. The system periodically flushes old keys.

A dynamic pricing system for pricing items for sale by a seller which items are available in a limited quantity comprises a pricing server and various types of data stored in memory. The pricing server includes memory, a processor and a clock. One type of data stored in memory is indicative of the initial quantity of an item available in a limited quantity. Another type of data stored in memory is indicative of the current remaining quantity of the item available in a limited quantity. Yet another type of data stored in memory is indicative of an expiration time at which it is desired that all of the item available in a limited quantity be sold. The processor is configured to price the item available in a limited quantity so as to deplete the inventory of the item available in a limited quantity by the expiration date based in part by accessing the memory to retrieve the data indicative of the initial quantity, the current remaining quantity and the expiration time and accessing the clock.

A method of operating a CPAP apparatus in which the interface pressure is controlled to rapidly drop at the start of expiration by an expiratory relief pressure (ERP) that is independent of instantaneous respiratory flow, following which the pressure rises to an inspiratory level at or shortly before the end of expiration, or at the onset of an expiratory pause, if any. The ERP is an increasing function of the inspiratory pressure. The expiratory pressure follows a template that is a function of the expected expiration time, the magnitude of the template being equal to the ERP. The current estimated proportion of expiration is determined by comparing the expiration time of the breath in progress to low-pass filtered expiratory durations measured for a number of the preceding breaths.

Systems and methods are described for electronic message expiration processing, in which a message originator or recipient can set an expiration time/date attribute for individual emails, short messages, or other electronic messages, and the messages are automatically deleted from the recipient's system or handled according to other user-selected processing rules when the expiration time/date has past.